WhatsApp’s New Beta Shows in-app Browser

Facebook-owned messaging app WhatsApp has submitted the beta version of its next update that supports an in-app browser, a feature which is still under development.

WhatsApp version 2.19.74 would show the in-app browser every time the user tries to open a link shared over the app, WABetaInfo reported on Friday.

“If you choose to use the in-app browser when it will be available in future, you should not worry because WhatsApp or Facebook would not be able to access your search history because the feature uses an Android Application Programming Interface (API), so everything is managed by the system,” the report said.

The feature is also being built to detect unsafe pages using the “Safe Browsing” feature which was added to Android 8.1 last year. It would alert users when a page is infected with malicious content.

“In the current stage of development, WhatsApp doesn’t allow to natively make screenshots or video captures while using the in-app browser: reasons are unknown and we don’t know if this will change before the release of the feature,” the report noted.

FILE – The WhatsApp icon is seen on a smartphone in this picture illustration, in Sarajevo, Bosnia and Herzegovina. VOA

The feature is not available as yet and it will require Android 4.1 or newer to function.

“WhatsApp is intentioned to enable this feature for everyone, but this is a great news that confirms their interest for the Android platform,” the report added.

The beta is open for user-testing through the Google Play Beta Programme.

“Welcome to the testing program. You are now a tester. You’ll receive an update to the WhatsApp Messenger app. You can leave the testing programme at any time,” company’s note for willing testers on the PlayStore reads. (IANS)

A man walks past a Google sign outside with a span of the Bay Bridge at rear in San Francisco, May 1, 2019. VOA

Google researchers have identified a vulnerability that accessed all the database files on the victim’s iPhone used by end-to-end encryption apps like WhatsApp, Telegram and iMessage.

In one of the biggest attacks against iPhone users, researchers working in Google’s Project Zero team earlier discovered several hacked websites that used security flaws in iPhones to attack users who visited these websites.

The malicious websites may have compromised personal files, messages, and real time location data of iPhone users. After they reported their findings to Apple, the Cupertino-based tech giant patched the vulnerabilities.

Later, they also revealed that the users’ chats in WhatsApp and Telegram were also compromised.

“In the earlier posts, we examined how the attackers gained ‘unsandboxed’ code execution as root on iPhones.”

“The implant has access to all the database files (on the victim’s phone) used by popular end-to-end encryption apps like WhatsApp, Telegram and iMessage,” said Ian Beer from Google’s Project Zero.

The implant was primarily focused on stealing files and uploading live location data.

FILE – The WhatsApp app logo is seen on a smartphone in this picture illustration. VOA

“The implant can upload private files used by all apps on the device,” said the researchers.

The researchers were able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12.

“This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years,” said Beer.

The websites delivered their malware indiscriminately and were operational for years, said Google.

“Earlier this year, Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day,” said Beer.

There was no target discrimination as simply visiting the hacked site was enough for the exploit server to attack the iPhone, and if it was successful, install a monitoring implant.

“We estimate that these sites receive thousands of visitors per week,” said the Google blog post. (IANS)